How WannaCry happened

In March, Microsoft discovered a vulnerability and issued a patch but not everyone updated their systems. Then in April, information was stolen (or leaked, no one is sure at this point) from the NSA that revealed the specific vulnerability and a hacking group sold the information. Despite issuing a way to fix the issue, Microsoft blasted the U.S. for 'stockpiling vulnerabilities' and allowing them to be stolen.